<?php 
session_start();
require("connect.php");
$user = $_POST["txtUser"];
$pass = $_POST["txtPass"];
$sql = "select * from user where utendangnhap = '{$user}'";
$rs = mysql_query($sql) or die("Error in customer table");
$r=mysql_fetch_array($rs);
if (mysql_num_rows($rs)==1){
	if($r["upassword"]==md5($pass) ){
		$_SESSION["loginerror"]="";
	$_SESSION["userlogin"] =true;
	$_SESSION["username"] = $r["utendangnhap"];
	header("location:index.php");
	} else {
		$_SESSION["loginerror"]="User not exist or password invalid!";
		$_SESSION["userlogin"] =false;
		$_SESSION["username"] = ""; 
		header("location:index.php");
}
}else {
		$_SESSION["loginerror"]="User not exist or password invalid!";
		$_SESSION["userlogin"] =false;
		$_SESSION["username"] = ""; 
		header("location:index.php");
}
?>
